How To Display The Default Attack Detector Configuration - Cisco SCE8000 Configuration Manual
Service control engine
Hide thumbs
Also See for SCE8000:
- Installation and configuration manual (248 pages) ,
- Installation manual (51 pages) ,
- Removal and replacement procedures (36 pages)
Table of Contents
Advertisement
Monitoring Attack Filtering
UDP
UDP
UDP+port|net.|source-only||
UDP+port|net.|dest-only
UDP+port|sub.|source-only||
UDP+port|sub.|dest-only
UDP+port|net.|source+dest||
UDP+port|sub.|source+dest||
ICMP
ICMP
ICMP
ICMP
other
other
other
other
Empty fields indicate that no value is set and configuration from
the default attack detector is used.
SCE#>
How to display the default attack detector configuration
Step 1
From the SCE> prompt, type show interface linecard 0 attack-detector default and press Enter.
Example
SCE>show interface LineCard 0 attack-detector default
Default detector:
Protocol|Side|Direction
--------|----|-----------||------|----------|------------|-------|-----|-----
TCP
TCP
TCP
TCP
TCP
TCP
TCP+port|net.|source-only||Report|
TCP+port|net.|dest-only
TCP+port|sub.|source-only||Report|
TCP+port|sub.|dest-only
TCP+port|net.|source+dest||Report|
TCP+port|sub.|source+dest||Report|
UDP
UDP
UDP
UDP
UDP
UDP
UDP+port|net.|source-only||Report|
UDP+port|net.|dest-only
UDP+port|sub.|source-only||Report|
UDP+port|sub.|dest-only
UDP+port|net.|source+dest||Report|
UDP+port|sub.|source+dest||Report|
ICMP
ICMP
ICMP
ICMP
Cisco SCE8000 Software Configuration Guide, Rel 3.1.6S
10-24
|net.|source+dest||
|sub.|source+dest||
||
||
|net.|source-only||
|net.|dest-only
||
|sub.|source-only||
|sub.|dest-only
||
|net.|source-only||
|net.|dest-only
||
|sub.|source-only||
|sub.|dest-only
||
||Action|
|
|
||
|
|
||
|net.|source-only||Report|
|net.|dest-only
||Report|
|sub.|source-only||Report|
|sub.|dest-only
||Report|
|net.|source+dest||Report|
|sub.|source+dest||Report|
||Report|
||Report|
|net.|source-only||Report|
|net.|dest-only
||Report|
|sub.|source-only||Report|
|sub.|dest-only
||Report|
|net.|source+dest||Report|
|sub.|source+dest||Report|
||Report|
||Report|
|net.|source-only||Report|
|net.|dest-only
||Report|
|sub.|source-only||Report|
|sub.|dest-only
||Report|
Chapter 10
Identifying and Preventing Distributed-Denial-Of-Service Attacks
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Thresholds
|Open flows|Ddos-Suspected flows|notif|
|rate
|rate
1000|
500|50
1000|
500|50
1000|
500|50
1000|
500|50
100|
50|50
100|
50|50
1000|
500|50
1000|
500|50
1000|
500|50
1000|
500|50
100|
50|50
100|
50|50
1000|
500|50
1000|
500|50
1000|
500|50
1000|
500|50
100|
50|50
100|
50|50
1000|
500|50
1000|
500|50
1000|
500|50
1000|
500|50
100|
50|50
100|
50|50
500|
250|50
500|
250|50
500|
250|50
500|
250|50
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|Yes
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|Sub- |Alarm
|ratio
|
|
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
|No
OL-16479-01
Advertisement
Table of Contents
